KeyChains: A Decentralized Public-Key Infrastructure

A Certification Authority (CA) can be used to certify keys and build a Public-Key Infrastructure (PKI) when all users trust the same CA. A decentralized PKI trades off absolute assurance on keys for independence from central control and improved scalability and robustness. The PGP "Web of trust" model has been suggested as a decentralized certification system, and has been used with great success for secure email. Although the PGP web of trust model allows anyone to issue certificates which can be used to form certificate chains, the discovery and construction of certificate chains relies on centralized key-servers to store certificates and respond to queries.